SAML 2.0
Single sign-on (SSO) allows users to use a single login for multiple enterprise applications. The SAML 2.0 integration allows your team to sign in using your existing identity provider instead of the user's Invoiced username and password.
Within your identity provider follow these instructions:
- Create a new SAML 2.0 application in your identity provider for Invoiced.
- Enter in the below for the service URL:
- Set the Audience field to invoiced.
- Set the NameID field to the email address.
Now go to the Invoiced application:
- Go to Settings → Team → SSO. If you do not see the SSO tab then contact support to have it enabled.
- Click on the Enable SSO toggle.
- Copy the certificate from the identity provider and paste it into the X.509 Certificate field.
- Copy over the Issuer URL into the Identity Provider Identifier or Issuer URL field.
- Copy over the Single Sign-On URL into the Identity Provider Single Sign-On URL field.
Once SSO is properly configured, users can click the Login with SSO button on the login screen or go here. The user will be required to enter in their email address. Assuming there is a match the user will then be signed in through their identity provider
Alternatively, instead of using the Invoiced login form, you can sign in from your Identity Provider using a feature known as Identity Provider-Initiated Sign In.